Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Interop.ActiveDs GetObject("User") error: Cannot create Active

  Asked By: Sekhar    Date: Mar 26    Category: Sharepoint    Views: 3152

I am desperately in need of some expertise on interface with Active Directory.

In my aspx pages, web parts and web services, I have always used the
Interop.ActiveDs.dll to talk to the Active Directory.

My code looks like:
Imports Interop.ActiveDs
Dim objRootDSE As IADs
Dim objUsers As IADsContainer
objRootDSE = GetObject("LDAP://myADServer/rootDSE")
objUsers = GetObject("LDAP://CN=Users," &

The code used to work perfectly. But lately, the same code does not work
anymore. The first line which gets the rootDSE still works, but the second line
for CN=Users always yields an error:
GetObject for User error:Cannot create ActiveX component.

From our system administrator, I learned that two things have changed on the
1. Service Pack 2 was installed on the Microsoft Windows Server 2003
2. The server is no longer a Domain Controller.

I searched thought the internet and found that some have encountered a similar
problem because Interop.ActiveDs.dll does not have a strong name. So, I used
tlbimp.exe to wrap a strong name for the DLL. But the error still persists.

Do you think that the server no being a Domain Controller makes this
Interop.ActiveDs GetObject() call impossible?

Can anyone help? I've searched through the Internet and tried many different
things, but nothing works yet.



8 Answers Found

Answer #1    Answered By: Jaime Weaver     Answered On: Mar 26

I'm no code-monkey, but let me have a stab at this anyways...
I'd put money on the fact that it's broken because the box isn't a DC anymore.
When I did my powershell course, we spoke about this sort of scenario, and were
told to always bind to the namespace, rather than a particular server. Perhaps
something along the lines of objRootDSE =
GetObject("LDAP://dc=domain,dc=tld/rootDSE") might work??? (again, I'm no
code-monkey, so don't be surprised if it doesn't work!)

Alternatively, is it possible to run the script against a known DC, just to see
if that is the problem?

Answer #2    Answered By: Anibal Baird     Answered On: Mar 26

I have tried several different things  but nothing works:
Specify both server  URL and naming context
Specify only naming context

Maybe you are right that the the server must be a Domain Controller. One of the
post I read from the Internet claimed that it was OK for Interop.ActiveDs.dll to
work in a non-DC Windows 2000 server, but not anymore for a Windows 2003 server
or beyond.

I wonder if anyone has experience on how to use ActiveDs.dll (or other methods)
to talk  to a Non-DC Windows 2000 server.

Answer #3    Answered By: Karla Morrison     Answered On: Mar 26

We are currently using the code  below to access AD to get a user's first name
and last name from their login for display.
Note that we are providing a service  account / password with permission to query

Answer #4    Answered By: Patricia Richardson     Answered On: Mar 26

It looks like this new direction is
exactly what I am looking for.

I search thought the Internet more and found that GetObject() is the old way and
should be replaced by DirectoryServices which contain two classes:
DirectoryEntry and DirectorySearcher. I did some coding and had some success:

Dim objRootDSE As DirectoryEntry
Dim qualifier As String
qualifier = "LDAP://myserver:portnumber/RootDSE"
objRootDSE = New DirectoryEntry(qualifier, "admin", "passwd")

This works  so far and I can iterate all properites of objRootDSE.

But then, I try to find all children:
Dim objChildDE As New DirectoryEntry
For Each objChildDE In objRootDSE.Children
'display objChildDE.Path
Next objChildDE
But the above displays nothing: objRootDSE does not have any children - should
it contain many children including CN=User?

I then use DirectorySearcher
Dim ADSearcher As DirectorySearcher = New DirectorySearcher(objRootDSE)
ADSearcher.Filter = "sSMAccountName=userId"
Dim result As SearchResult = ADSearcher.FindOne()

Unfortunately the DirectorySearcher.FindOne() gives me an error
The provider does not support searching and cannot search

Is there anything I've missed? Is something that not configurated right in the
Active Directory?

Answer #5    Answered By: Alexandra Patterson     Answered On: Mar 26

Glad the info was helpful.

What information are you trying to get out of AD? Are you after a list of
users in a network group?

I haven't worked much with AD but I may have some ideas.

Answer #6    Answered By: Deven Ghurye     Answered On: Mar 26

We use the interface  to search and manage users and groups in Active Directory:
1. Search Users and Groups using different search criteria
2. Create Users provided account names and passwords
3. Change password

All these functions require access, an administrative access to the Active
Directory. The error  "The provider does not support searching and cannot search"
just shuts the door.

Answer #7    Answered By: Stefanie Ruiz     Answered On: Mar 26

Unfortunately, I haven't worked with updating AD from a web  application.

Sorry for taking so long to get back to you and that I can't be of more

Answer #8    Answered By: Damon Garner     Answered On: Mar 26

I will try to ask Microsoft Support to help me.